package com.aaa.sso.token;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;

import java.util.Collection;

public class MultipleLoginAuthenticationToken extends AbstractAuthenticationToken {
   private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

   private final Object principal;

   private Object credentials;

   public MultipleLoginAuthenticationToken(String username, String password) {
       super(null);
       this.principal = username;
       this.credentials = password;
       setAuthenticated(false);
   }

   public MultipleLoginAuthenticationToken(Object principal,
                                           Collection<? extends GrantedAuthority> authorities) {
       super(authorities);
       this.principal = principal;
       super.setAuthenticated(true); // must use super, as we override
   }

   public Object getCredentials() {
       return credentials;
   }

   public Object getPrincipal() {
       return this.principal;
   }

   public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
       if (isAuthenticated) {
           throw new IllegalArgumentException(
                   "Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
       }

       super.setAuthenticated(false);
   }

   @Override
   public void eraseCredentials() {
       super.eraseCredentials();
   }


}
